From 4c19e996218f6c205c1716a0b4718f9bced7f893 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Tue, 15 Jun 2021 16:39:22 +0200 Subject: [PATCH] BUG/MINOR: ssl: use atomic ops to update global shctx stats The global shctx lookups and misses was updated without using atomic ops, so the stats available in "show info" are very likely off by a few units over time. This should be backported as far as 1.8. Versions without _HA_ATOMIC_INC() can use HA_ATOMIC_ADD(,1). --- src/ssl_sock.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index fcb089b92..68391326d 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -4061,7 +4061,7 @@ SSL_SESSION *sh_ssl_sess_get_cb(SSL *ssl, __OPENSSL_110_CONST__ unsigned char *k SSL_SESSION *sess; struct shared_block *first; - global.shctx_lookups++; + _HA_ATOMIC_INC(&global.shctx_lookups); /* allow the session to be freed automatically by openssl */ *do_copy = 0; @@ -4081,7 +4081,7 @@ SSL_SESSION *sh_ssl_sess_get_cb(SSL *ssl, __OPENSSL_110_CONST__ unsigned char *k if (!sh_ssl_sess) { /* no session found: unlock cache and exit */ shctx_unlock(ssl_shctx); - global.shctx_misses++; + _HA_ATOMIC_INC(&global.shctx_misses); return NULL; }